Framework Computer raised DDR5 memory prices for its Laptop DIY Editions by 50% due to industry-wide memory shortages. Phoronix reports: Framework Computer is keeping the prior prices for existing pre-orders and also is foregoing any price changes for their pre-built laptops or the Framework Desktop. Framework Computer also lets you order DIY laptops without any memory at all if so desired for re-using existing modules or should you score a deal elsewhere.
Due to their memory pricing said to be more competitive below market rates, they also adjusted their return policy to prevent scalpers from purchasing DIY Edition laptops with memory while then returning just the laptops. The DDR5 must be returned now with DIY laptop order returns. Additional details can be found via the Framework Blog.
Philips Hue is one of the most well-respected and popular brands in smart lights—but what about its smart security cameras? Parent company Signify has been developing Hue cameras for a couple of years now, with a video doorbell and 2K camera upgrades recently added to the portfolio of devices. (Note: This 2K version hasn't yet landed in the U.S., but the existing 1080p versions are quite similar.)
I got a chance to test out the new 2K Hue Secure camera, and alongside all the basics of a camera like this, it came with an extra bonus that worked better than I expected: seamless integration with Philips Hue lights. These two product categories actually work better together than you might think.
While you can certainly connect cameras and lights across a variety of smart home platforms, Philips Hue is one of very few manufacturers making both types of device (TP-Link is another). That gives you a simplicity and interoperability you don't really get elsewhere.
Setting up a Hue camera
All the basic security camera features are covered.Credit: Lifehacker
Hue cameras are controlled inside the same Hue app for Android or iOS as the Hue lights. You don't necessarily need a Hue Bridge to connect the camera, too, as it can link to your wifi directly, but the Bridge is required if you want it to be able to sync with your lights—which is one of the key features here. (If you already have the lights, you'll already have the Bridge anyway.)
The 2K Hue Secure wired camera I've been testing comes with a 2K video resolution (as the name suggests). two-way audio, a built-in siren, infrared night vision, and weatherproofing (so you can use it indoors or out). As well as the wired version I've got here, there's also a battery-powered option, and a model that comes with a desktop stand.
Once configured, the camera lives in the same Home tab inside the mobile app as any Philips Hue lights you've got. The main panel doesn't show the camera feed—instead, it shows the armed status of the camera, which can be configured separately depending on whether you're at home or not. The idea is that you don't get disturbed with a flurry of unnecessary notifications when you're moving around.
The basic functionality is the same as every other security camera: Motion is detected and you get a ping to your phone with details, with a saved clip of the event that stays available for 24 hours. You can also tap into the live feed from the camera at any time, should you want to check in on the pets or the backyard.
As is often the case with security cameras, there is an optional subscription plan that gives you long-term video clip storage, activity zone settings, and AI-powered identification of people, animals, vehicles, and packages. That will set you back from $4 a month, with a discount if you pay for a year at a time.
Syncing a camera with smart lights
Your cameras can be used as customized triggers for your lights.Credit: Lifehacker
I started off a little unsure about just how useful it would be to connect up the Hue cameras and Hue lights—it's not a combination that gets talked about much—but it's surprisingly useful. If you delve into the camera settings inside the Hue app, there's a Trigger lights section especially for this.
You get to choose which of your lights are affected—they don't all have to go on and off together—and there are customizations for color and brightness across certain time schedules. You could have your bulbs glowing red during the night, for example, or turning bright blue during the daytime. The duration the lights stay on for can also be set.
It's not the most sophisticated system, but it works: If someone is loitering around your property, you can have a selected number of lights turn on to put them off, or to suggest that someone is in fact at home. This is in addition to everything else you can do, including sounding a siren through the camera, and because it works through the Hue Bridge it all happens pretty much instantaneously.
You can also set specific cameras as basic motion sensors for you and your family—lighting up the way to the bathroom late at night, for example. This can work even when the system is disarmed, so there's no wifi video streaming happening, but the cameras are still watching out for movement and responding accordingly.
There's one more option worth mentioning in the security settings in the Hue app: "mimic presence." This can randomly turn your lights on and off at certain points in the day, and the schedule you choose can be controlled by whether or not your Hue security is armed or disarmed (so nothing happens when everyone is at home).
When I hear that a smartwatch company is launching a ring, I assume it’s going to be a smart ring. But Pebble went a different direction, instead creating what’s basically a remote microphone that can work with your phone and other devices. It's available for pre-order for $75, and will sell for $99 after launch.
Pebble’s new ring is called the Index 01. It’s got a button you can click and hold, and a microphone that will listen to what you’re saying as you hold the button. The recording is then sent to your phone, where it’s processed on-device. That's it—no heart rate sensor, and no charging dock.
The Index 01's specs and functionality
Eric Migicovsky, Pebble’s founder, describes using the Index to capture short messages and send instructions to his Pebble watch via his phone. The idea is that you wear the Index on your index finger (get it?) and press the button with your thumb. The ring comes in three colors: matte black with a black button, polished gold with a blue button, and silver with a white button.
There is no battery to charge, just a built-in battery that lasts a total of 12 to 15 hours. Migicovsky writes: “On average, I use it 10-20 times per day to record 3-6 second thoughts. That’s up to 2 years of usage.”
The ring doesn’t have a speaker and can’t vibrate for notifications; it’s just for input. Communication between the ring and your phone is encrypted, and the voice recordings are processed into text on your phone, without requiring an internet connection. The ring doesn’t talk directly to a Pebble watch, but it can talk to your phone and your phone can then display any output to the watch—for example, displaying the text of a reminder that you set.
Who should buy an Index 01 ring?
So far, Pebble users don’t seem to be nearly as excited about this product as Migicovsky is. A Reddit thread discussing the announcement has comments like “Cool idea, weird product,” and “Why would I want this if I already have a Pebble that has all the capability to take voice notes?”
Migicovsky explains in the company’s blog post that his goal was for the button to be operated with one hand, and gestures on the Pebble weren’t reliable enough. He also emphasizes the fact you don’t need to charge it, while some of the users seem to be more concerned that a device that can't be charged is basically disposable—"manufactured e-waste."
After about two years of use (or less, if you make longer recordings), the app will ask if you’d like to order another ring. The ring will cost $75 to pre-order, and $99 at its regular price. There hasn’t been any mention of a discounted rate for a replacement; it sounds like you’re supposed to buy a new $99 ring every two years.
The ring’s functionality could be extended in the future. A double click-and-hold could signal the Pebble app to process the data in a different way (perhaps sending it to ChatGPT, Migicovsky suggests) and developers could connect the voice processing in the app to other services like calendar and weather apps.
"Researchers engineered a strained germanium layer on silicon that allows charge to move faster than in any silicon-compatible material to date," reports Science Daily. "This record mobility could lead to chips that run cooler, faster, and with dramatically lower energy consumption.
"The discovery also enhances the prospects for silicon-based quantum devices..."
Scientists from the University of Warwick and the National Research Council of Canada have reported the highest "hole mobility" ever measured in a material that works within today's silicon-based semiconductor manufacturing.... The researchers created a nanometer-thin germanium epilayer on silicon that is placed under compressive strain. This engineered structure enables electric charge to move faster than in any previously known silicon-compatible material...
The findings establish a promising new route for ultra-fast, low-power semiconductor components. Potential uses include quantum information systems, spin qubits, cryogenic controllers for quantum processors, AI accelerators, and energy-efficient servers designed to reduce cooling demands in data centers. This achievement also represents a significant accomplishment for Warwick's Semiconductors Research Group and highlights the UK's growing influence in advanced semiconductor materials research.
Sales are accurate at the time of publication, but prices and inventory are always subject to change.
Bose's QuietComfort Headphones are among the best noise-cancelling over-ear headphones you can buy today. They may be a couple of years old at this point, but they're still competitive, and now there's a Cyber Monday 2025 deal that's bringing them to more than half off. That's a fantastic deal on a really good product, and if you're in the market for over-ear noise cancelling headphones, you should definitely consider it.
In Amazon's Cyber Monday 2025 sale, the Bose QuietComfort Headphones are down to $159.99 (54% off) in black. The best thing about these headphones are the color choices it's available in, and the good news is that multiple color variants are going at $179.99 (50% off). That's still a decent savings, even if it's not quite as high as what you'd save on the more boring color.
PCMag's review gave this product a 4/5, praising it for its controls, sound quality, and noise cancellation. This product misses out on support for newer Bluetooth codecs, unlike the pricier Bose QuietComfort Ultra ($399, 11% off). The older product doesn't charge as fast as the QC Ultra either, but it will still sound great. The review calls out the price for being a bit too high, but this Cyber Monday Sale rectifies that. You can now get the QuietComfort headphones for $239 less than the QuietComfort Ultra.
I recently tried the QuietComfort headphones in-person, and I was impressed by the build quality and how light they felt on my head. The noise cancellation was also great.
These types of headphones serve a dual purpose in my life. They cut out external noise during long flights, and they also keep my ears warm when I'm in windy places in the winter (looking at you, Scotland!). If you're not sure which over-ear headphones to get this Cyber Monday, look no further than the Bose QuietComfort ones.
How long do Cyber Monday deals really last?
Black Friday sales officially begin Friday, November 28, 2025, and run throughout “Cyber Week,” the five-day period that runs from Thanksgiving through Cyber Monday, December 1, 2025. But Black Friday and Cyber Monday dates have expanded as retailers compete for customers. Expect sales to wind down by December 3, 2025.
What stores have the best sales on Cyber Monday?
Nowadays, both large retailers and small businesses compete for Cyber Monday shoppers, so you can expect practically every store to run sales through Monday, December 1, 2025. The “best” sales depend on your needs, but in general, the biggest discounts tend to come from larger retailers that can afford lower prices: think places like Amazon, Walmart, Target, Best Buy, and Home Depot. You can find all the best sales from major retailers on our live blog.
Are Cyber Monday deals worth it?
In short, yes, Cyber Monday still offers discounts that can be rare throughout the rest of the year. If there’s something you want to buy, or you’re shopping for gifts, it’s a good time to look for discounts on what you need, especially tech sales, home improvement supplies, and fitness tech. Of course, if you need to save money, the best way to save is to not buy anything.
Our Best Editor-Vetted Cyber Monday Deals Right Now
Sales are accurate at the time of publication, but prices and inventory are always subject to change.
Even after the release of the Pixel 10 series, the budget-oriented Pixel 9a is still the best Google phone for most people. That's according to Lifehacker's Associate Tech Editor Michelle Ehrhardt . And I agree. I’ve used the Pixel 9a as my secondary phone for months now. For Cyber Monday, Amazon is discounting the Pixel 9a to just $349. That’s $150 off the original price, and it’s the lowest price we’ve seen yet.
Instead, what you have here is a solid little dependable smartphone. It’s still got the same Tensor G4 processor as the regular Pixel 9, and you still get a 120Hz refresh rate display with the latest Android 16 OS. This thing is still as fast and smooth as the day it was launched. There’s 8GB RAM, which is enough to run some Gemini tasks locally, and fast enough for day to day use. At 5,100 mAh, it has quite a large battery backup as well. Not to mention Google's new 7-year software update promise, which also applies to the 9a.
Because it uses smaller and older sensors, the camera is admittedly just okay. Don’t expect Pixel Pro level photos here. But for regular, everyday use, the camera will be more than adequate.
The Pixel 9a has everything that a regular user would want from a smartphone, and could be a perfect gift for your parents or grandparents this holiday season. As Michelle puts it in her review, “But outside of being a good A-series phone, I also think it’s just a plain good phone.“
How long do Cyber Monday deals really last?
Black Friday sales officially begin Friday, November 28, 2025, and run throughout “Cyber Week,” the five-day period that runs from Thanksgiving through Cyber Monday, December 1, 2025. But Black Friday and Cyber Monday dates have expanded as retailers compete for customers. Expect sales to wind down by December 3, 2025.
Are Cyber Monday deals worth it?
In short, yes, Cyber Monday still offers discounts that can be rare throughout the rest of the year. If there’s something you want to buy, or you’re shopping for gifts, it’s a good time to look for discounts on what you need, especially tech sales, home improvement supplies, and fitness tech. Of course, if you need to save money, the best way to save is to not buy anything.
What stores have the best sales on Cyber Monday?
Nowadays, both large retailers and small businesses compete for Cyber Monday shoppers, so you can expect practically every store to run sales through Monday, December 1, 2025. The “best” sales depend on your needs, but in general, the biggest discounts tend to come from larger retailers that can afford lower prices: think places like Amazon, Walmart, Target, Best Buy, and Home Depot. You can find all the best sales from major retailers on our live blog.
Our Best Editor-Vetted Cyber Monday Deals Right Now
A look at why identity security is failing in the age of deepfakes and AI-driven attacks, and how biometrics, MFA, PAD, and high-assurance verification must evolve to deliver true, phishing-resistant authentication.
An anonymous reader quotes a report from Bloomberg: Lenovo is stockpiling memory and other critical components to navigate a supply crunch brought on by the boom in artificial intelligence. The world's biggest PC maker is holding on to component inventories that are roughly 50% higher than usual, Chief Financial Officer Winston Cheng told Bloomberg TV on Monday. The frenzy to build and fill AI data centers with advanced hardware is raising prices for producers of consumer electronics, but Lenovo also sees opportunity in this to capitalize on its stockpile.
"The price is going very, very high, of course, and I think it's been unprecedented in terms of this rate driven by the AI demand," Cheng said. His company has long-term contracts in place and the benefit of scale, he added, and "those that have the supply actually would be able to have a position in the market." Beijing-based Lenovo will aim to avoid passing on rising costs to its customers in the current quarter, as it wants to sustain this year's strong sales growth, according to the CFO. He said the company will strike a balance between price and availability in 2026. Lenovo said last week that it has enough memory chips for all of 2026 and it can navigate any shortages better than its competitors.
An anonymous reader quotes a report from Ars Technica: Some members of the maker community are distraught about Arduino's new terms of service (ToS), saying that the added rules put the company's open source DNA at risk. Arduino updated its ToS and privacy policy this month, which is about a month after Qualcomm announced that it's acquiring the open source hardware and software company. Among the most controversial changes is this addition: "User shall not: translate, decompile or reverse-engineer the Platform, or engage in any other activity designed to identify the algorithms and logic of the Platform's operation, unless expressly allowed by Arduino or by applicable license agreements ..."
In response to concerns from some members of the maker community, including from open source hardware distributor and manufacturer Adafruit, Arduino posted a blog on Friday. Regarding the new reverse-engineering rule, Arduino's blog said: "Any hardware, software or services (e.g. Arduino IDE, hardware schematics, tooling and libraries) released with Open Source licenses remain available as before. Restrictions on reverse-engineering apply specifically to our Software-as-a-Service cloud applications. Anything that was open, stays open."
But Adafruit founder and engineer Limor Fried and Adafruit managing editor Phillip Torrone are not convinced. They told Ars Technica that Arduino's blog leaves many questions unanswered and said that they've sent these questions to Arduino without response. "Why is reverse-engineering prohibited at all for a company built on openly hackable systems?" Fried and Torrone asked in a shared statement. There are also concerns about the ToS' broad new AI-monitoring powers, which offer little clarity on what data is collected, who can access it, or how long it's retained. On top of that, the update introduces an unusual patent clause that bars users from using the platform to identify potential infringement by Arduino or its partners, along with sweeping, perpetual rights over user-generated content. This could allow Arduino, and potentially Qualcomm, to republish, modify, monetize, or redistribute user uploads indefinitely.
Inter-corporation bullshit screwing over consumers – a tale as old as time.
Major laptop vendors have quietly removed hardware decode support for the H.265/HEVC codec in several business and entry-level models, a decision apparently driven by rising licensing fees. Users working with H.265 content may face reduced performance unless they verify codec support or rely on software workarounds.
You may want to know how much these licensing fees are, and by how much they’re increasing next year, making these laptop OEMs remove features to avoid the costs. The HEVC licensing fee is $0.20 per device, and in 2026 it’s increasing to $0.24. Yes, a $0.04 increase per device is “forcing” these giant companies to screw over their consumers. Nobody’s coming out a winner here, and everyone loses.
We took a wrong turn, but nobody seems to know when and where.
Encryption can protect data at rest and data in transit, but does nothing for data in use. What we have are secure enclaves. I’ve written about this before:
Almost all cloud services have to perform some computation on our data. Even the simplest storage provider has code to copy bytes from an internal storage system and deliver them to the user. End-to-end encryption is sufficient in such a narrow context. But often we want our cloud providers to be able to perform computation on our raw data: search, analysis, AI model training or fine-tuning, and more. Without expensive, esoteric techniques, such as secure multiparty computation protocols or homomorphic encryption techniques that can perform calculations on encrypted data, cloud servers require access to the unencrypted data to do anything useful.
Fortunately, the last few years have seen the advent of general-purpose, hardware-enabled secure computation. This is powered by special functionality on processors known as trusted execution environments (TEEs) or secure enclaves. TEEs decouple who runs the chip (a cloud provider, such as Microsoft Azure) from who secures the chip (a processor vendor, such as Intel) and from who controls the data being used in the computation (the customer or user). A TEE can keep the cloud provider from seeing what is being computed. The results of a computation are sent via a secure tunnel out of the enclave or encrypted and stored. A TEE can also generate a signed attestation that it actually ran the code that the customer wanted to run.
Secure enclaves are critical in our modern cloud-based computing architectures. And, of course, they have vulnerabilities:
The most recent attack, released Tuesday, is known as TEE.fail. It defeats the latest TEE protections from all three chipmakers. The low-cost, low-complexity attack works by placing a small piece of hardware between a single physical memory chip and the motherboard slot it plugs into. It also requires the attacker to compromise the operating system kernel. Once this three-minute attack is completed, Confidential Compute, SEV-SNP, and TDX/SDX can no longer be trusted. Unlike the Battering RAM and Wiretap attacks from last month—which worked only against CPUs using DDR4 memory—TEE.fail works against DDR5, allowing them to work against the latest TEEs.
Yes, these attacks require physical access. But that’s exactly the threat model secure enclaves are supposed to secure against.
The term 3.5 inch floppy disc is in fact a misnomer. Whilst the specification for 5.25 inch floppy discs employs Imperial units, the later specification for the smaller floppy discs employs metric units.
The standards for these discs are […] all of which specify the measurements in metric, and only metric. These standards explicitly give the dimensions as 90.0mm by 94.0mm. It’s in clause 6 of all three.
Even the applicable standard in the US, ANSI X3.171-1989, specifies the size in metric. We could’ve been referring to these things using proper measurements instead of archaic ones based on the size of a monk’s left testicle at dawn at room temperature in 1375 or whatever nonsense imperial or customary used to be based on. I feel dirty for thinking I had to use “inches” for this.
If we ever need to talk about these disks on OSNews from here on out, I’ll be using proper units of measurement.
Earlier this year, popular NAS vendor Synology announced it would start requiring some of its more expensive models to only use Synology-branded drives. It seems the uproar this announcement caused has had some real chilling effect on sales, and the company just cancelled its plans.
Synology has backtracked on one of its most unpopular decisions in years. After seeing NAS sales plummet in 2025, the company has decided to lift restrictions that forced users to buy its own Synology hard drives. The policy, introduced earlier this year, made third-party HDDs from brands like Seagate and WD practically unusable in newer models such as the DS925+, DS1825+, and DS425+. That change didn’t go over well. Users immediately criticised Synology for trying to lock them into buying its much more expensive drives. Many simply refused to upgrade, and reviewers called out the move as greedy and shortsighted. According to some reports, sales of Synology’s 2025 NAS models dropped sharply in the months after the restriction was introduced.
If you want to screw over your users to make a few more euros, it’s generally a good idea to first assess just how locked-in your users really are. Synology is but one of many companies making and selling NAS devices, and even building one yourself is stupidly easy these days. There’s an entire cottage industry of motherboards and enclosures specifically designed for this purpose, and there are countless easy-to-use software options out there, too.
In other words, nobody is really locked into Synology, so any unpopular move by the company was bound to make people look elsewhere, only to discover there are tons of competing options to choose from. The market seems to have spoken, and Synology can only respond by reversing its decision. Honestly, I had almost forgotten what a healthy tech market with tons of competing options looks like.
Arduino will retain its independent brand, tools, and mission, while continuing to support a wide range of microcontrollers and microprocessors from multiple semiconductor providers as it enters this next chapter within the Qualcomm family. Following this acquisition, the 33M+ active users in the Arduino community will gain access to Qualcomm Technologies’ powerful technology stack and global reach. Entrepreneurs, businesses, tech professionals, students, educators, and hobbyists will be empowered to rapidly prototype and test new solutions, with a clear path to commercialization supported by Qualcomm Technologies’ advanced technologies and extensive partner ecosystem.
Qualcomm’s track record when it comes to community engagement, open source, and long-term support are absolutely atrocious, and there’s no way Arduino will be able to withstand the pressures from management. We’ve seen this exact story play out a million times, and it always begins with lofty promises, and always ends with all of them being broken. I have absolutely zero faith Arduino will be able to continue to do its thing like it has.
Arduino devices are incredibly popular, and it makes sense for Qualcomm to acquire them. If I were using Arduino’s for my open source projects, I’d be a bit on edge right now.
Apple has introduced a new hardware/software security feature in the iPhone 17: “Memory Integrity Enforcement,” targeting the memory safety vulnerabilities that spyware products like Pegasus tend to use to get unauthorized system access. From Wired:
In recent years, a movement has been steadily growing across the global tech industry to address a ubiquitous and insidious type of bugs known as memory-safety vulnerabilities. A computer’s memory is a shared resource among all programs, and memory safety issues crop up when software can pull data that should be off limits from a computer’s memory or manipulate data in memory that shouldn’t be accessible to the program. When developers—even experienced and security-conscious developers—write software in ubiquitous, historic programming languages, like C and C++, it’s easy to make mistakes that lead to memory safety vulnerabilities. That’s why proactive tools like special programming languages have been proliferating with the goal of making it structurally impossible for software to contain these vulnerabilities, rather than attempting to avoid introducing them or catch all of them.
[…]
With memory-unsafe programming languages underlying so much of the world’s collective code base, Apple’s Security Engineering and Architecture team felt that putting memory safety mechanisms at the heart of Apple’s chips could be a deus ex machina for a seemingly intractable problem. The group built on a specification known as Memory Tagging Extension (MTE) released in 2019 by the chipmaker Arm. The idea was to essentially password protect every memory allocation in hardware so that future requests to access that region of memory are only granted by the system if the request includes the right secret.
Arm developed MTE as a tool to help developers find and fix memory corruption bugs. If the system receives a memory access request without passing the secret check, the app will crash and the system will log the sequence of events for developers to review. Apple’s engineers wondered whether MTE could run all the time rather than just being used as a debugging tool, and the group worked with Arm to release a version of the specification for this purpose in 2022 called Enhanced Memory Tagging Extension.
To make all of this a constant, real-time defense against exploitation of memory safety vulnerabilities, Apple spent years architecting the protection deeply within its chips so the feature could be on all the time for users without sacrificing overall processor and memory performance. In other words, you can see how generating and attaching secrets to every memory allocation and then demanding that programs manage and produce these secrets for every memory request could dent performance. But Apple says that it has been able to thread the needle.
Login
